A Public-Key Cryptosystem Based on the Word Problem

  • Neal R. Wagner
  • Marianne R. Magyarik
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 196)


The undecidable word problem for groups and semigroups is investigated as a basis for a public-key cryptosystem. A specific approach is discussed along with the results of an experimental implementation. This approach does not give a provably secure or practical system, but shows the type of cryptosystem that could be constructed around the word problem. This cryptosystem is randomized, with infinitely many ciphertexts corresponding to each plaintext.


Keywords: Word Problem, Quotient Group, Special Word, Extra Relator, Undecidable Problem



Copyright information

© Springer-Verlag Berlin Heidelberg 1985

Authors and Affiliations

  • Neal R. Wagner (1)
  • Marianne R. Magyarik (1)
  1. Mathematics and Computer Science, Drexel University, Philadelphia, USA